GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,113
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,904
Maven 5,105
npm 3,635
NuGet 638
pip 3,250
Pub 10
RubyGems 867
Rust 819
Swift 35

Unreviewed advisories

All unreviewed 228,688

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,708 advisories

Filter by severity

Sort by

Least recently updated

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one... Moderate Unreviewed

CVE-2024-6845 was published Sep 25, 2024

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS... Moderate Unreviewed

CVE-2024-40863 was published Sep 17, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS... Moderate Unreviewed

CVE-2024-44125 was published Sep 17, 2024

The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating... Moderate Unreviewed

CVE-2024-7892 was published Sep 25, 2024

Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before... Moderate Unreviewed

CVE-2015-1383 was published May 17, 2022

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS... Moderate Unreviewed

CVE-2024-40860 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in Safari 18,... Moderate Unreviewed

CVE-2024-40857 was published Sep 17, 2024

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of... Moderate Unreviewed

CVE-2024-44187 was published Sep 17, 2024

The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,... Moderate Unreviewed

CVE-2024-7878 was published Sep 25, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed

CVE-2024-44191 was published Sep 17, 2024

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Moderate Unreviewed

CVE-2024-44176 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 18 and... Moderate Unreviewed

CVE-2024-44124 was published Sep 17, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-44135 was published Sep 17, 2024

Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS... Moderate Unreviewed

CVE-2024-43990 was published Sep 25, 2024

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8546 was published Sep 25, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress... Moderate Unreviewed

CVE-2024-43237 was published Sep 25, 2024

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Moderate Unreviewed

CVE-2024-44128 was published Sep 17, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS... Moderate Unreviewed

CVE-2024-44129 was published Sep 17, 2024

Permission control vulnerability in the audio module. Successful exploitation of this... Moderate Unreviewed

CVE-2023-41311 was published Sep 27, 2023

HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow... Moderate Unreviewed

CVE-2023-4393 was published Oct 30, 2023

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8858 was published Sep 25, 2024

The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-8678 was published Sep 25, 2024

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross... Moderate Unreviewed

CVE-2024-3866 was published Sep 25, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2024-47303 was published Sep 25, 2024

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2024-8910 was published Sep 25, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,708 advisories